Stop it now with your GDPR emails

23 May 2018 / John McDermott

The time for GDPR re-engagement emails is over now as the 25th May approaches. And what a blessed relief that is; finally we see the back of ‘come back to us’, ‘we miss you’, ‘your privacy matters to us’… Does it? Does your privacy matter to a Wi-Fi provider in a hotel in Sussex you took your wife to for your wedding anniversary three years ago? Really? In this blog, John McDermott explains why these emails are not necessary.

Amongst the re-engagement emails from brands you haven’t engaged with in years, we are now all suffering from a spate of Privacy Policy emails blaming GDPR and sternly informing you that their Privacy Policy, to which you gave not a second thought, is so important that they have written an email (or in the case of my bank) a letter informing of its update in a pointless information share.

Of the six legal bases for processing data, most organisations will rely on:

  • Consent:
    If you have consent recorded; date and time stamped you’re good to go. If you don’t – then remove this data.
  • Contract:
    Where goods and services have changed hands, you CAN contact your customer. You don’t also need consent if you’ve sold goods or services to a customer if you are fulfilling that order, common sense should tell you that, but you do for future marketing.
  • Legitimate Interest:
    This seems to be everyone’s weapon of choice. You can make a case for legitimate interest following completion of a Legitimate Interest Assessment (LIA). The ICO provides a guide here. Legitimate Interest will cover most but not all B2B activity; if the right processes are followed and in the B2C space under certain circumstances.

The GDPR is not designed to stop business or put an extra burden on organisations it is principally there to protect the rights of the individual and their data.

I must sign off now to visit my Inbox to clear out those unnecessary re-engagement and privacy policy emails that have arrived today. May I be the first to offer you happy GDPR day on Friday 25th May!

Jaywing are offering a one-day GDPR permission focused workshop to cover the three key aspects of GDPR; namely data, brand and channel. Find out more by visiting our dedicated GDPR microsite for practical advice, best practice and thought leadership: gdpr.jaywing.com.